//package com.qf.mybatisplus.realm;
//
//import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
//import com.qf.mybatisplus.bean.entity.Permission;
//import com.qf.mybatisplus.bean.entity.Role;
//import com.qf.mybatisplus.bean.entity.User;
//import com.qf.mybatisplus.service.UserService;
//import org.apache.shiro.SecurityUtils;
//import org.apache.shiro.authc.AuthenticationException;
//import org.apache.shiro.authc.AuthenticationInfo;
//import org.apache.shiro.authc.AuthenticationToken;
//import org.apache.shiro.authc.SimpleAuthenticationInfo;
//import org.apache.shiro.authz.AuthorizationInfo;
//import org.apache.shiro.authz.SimpleAuthorizationInfo;
//import org.apache.shiro.realm.AuthorizingRealm;
//import org.apache.shiro.subject.PrincipalCollection;
//import org.springframework.beans.factory.annotation.Autowired;
//
//import java.util.List;
//
//public class MyRealm extends AuthorizingRealm {
//
//    @Autowired
//    private UserService userService;
//
//    /**
//     * 授权
//     * @param principals
//     * @return
//     */
//    @Override
//    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
//        // 获取用户
//        User user = (User) principals.getPrimaryPrincipal();
//        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
//        List<Role> roleList = userService.getRoleList(user.getId());
//        for (Role role : roleList) {
//            authorizationInfo.addRole(role.getRoleName()); // 添加角色
//        }
//
//        List<Permission> permissionList = userService.getPermissionList(user.getId());
//        for (Permission permission : permissionList) {
//            System.err.println(user.getName()+"的权限为:"+permission.getPermissionTag());
//            authorizationInfo.addStringPermission(permission.getPermissionTag()); // 添加权限
//        }
//
//        return authorizationInfo;
//    }
//
//    /**
//     * 认证
//     * @param token
//     * @return
//     * @throws AuthenticationException
//     */
//    @Override
//    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
//        // 根据token获取用户名，如果您不知道该该token怎么来的，先可以不管，下文会解释
//        String username = (String) token.getPrincipal();
//        System.err.println("username="+username);
//        // 根据用户名从数据库中查询该用户
////        User user = userService.getByUsername(username);
//        QueryWrapper<User> wrapper = new QueryWrapper<>();
//        wrapper.eq("name",username);
//        User user = userService.getOne(wrapper);
//        if(user != null) {
//            // 把当前用户存到session中
//            SecurityUtils.getSubject().getSession().setAttribute("user", user);
//            // 传入用户名和密码进行身份认证，并返回认证信息
//            //返回认证信息
////            SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(user,"","myRealm");
//            AuthenticationInfo authcInfo = new SimpleAuthenticationInfo(user,user.getPassword(), "myRealm");
//            return authcInfo;
//        } else {
//            return null;
//        }
//    }
//}
